First of all my name is Kevin, aged 19 and living in Belgium - Europe.I've studied and graduated in network management this year, yet I feel like I don't know enough yet. I'd like to specialize in security as it's in my eyes the most fascinating subject in a computer network.Now after googling and browsing a lot to find a decent community, I found this website.It looks like my thoughts were right, and I do have a lot to learn about this all.Some of you (if not most of you) think 'oh no, another guy who wants to become a hacker', well you're right, I do want to become a security expert and hopefully build a career with it.

Since one has to begin somewhere, here are some first questions, if someone would want to answer them, that would be great!1) I am currently using windows xp, I will get myself a new machine and install Ubuntu on it, is Ubuntu any good or are all distributions basically the same except the way they work?2) Currently I have no programming skills whatsoever. I don't want to go off and start using tools that do everything for me, giving myself the idea that I'm doing great, so what language should I start with?3) Are there any tutorials for complete beginners such as myself to start with on this website? I've been browsing in the tutorial forum earlier, but by the looks of it, it's directed to those that are already skilled in the world of hacking.

Hopefully I'll learn a lot in this community, as I'm eager to get started.

Welcome to EH-Net! We're glad you decided to register and join our community and we all look forward to your continued participation

Congrats on graduating in network management, sounds like you're off to a very good start! Can I ask what sort of studies were included in your network management courses?

Security is not really something that would be considered 'entry-level' and you can't just jump into it as you can with other computer aspects. To become a security expert, you'll need a very well rounded and in-depth computer background. Keep in mind, there are different paths within computer security as well, but I'll keep this reply pretty general. I also am still new to the field and you'll probably get some other great advice from some of the other members that have been working in the field for some time.

Anyway, onto your questions...

1) Windows XP is perfectly fine. If you have enough RAM, or have the finances to purchase some, I would highly suggest getting a copy of VMware (or MS Virtual Server). With a Virtual Machine, you will be able to run multiple computers within a single machine. This is great for people learning security! That way you don't have to worry about having multiple physical computers, or partitioning hard drives. Ubuntu is a great place to start on Linux. The reason being is that the support community for Ubuntu is incredible. I would also recommend Fedora for beginners as well. Both of those OS's have good community and hardware support.

2) Heh.. this is just asking for an argument Keep in mind, it's not required to know how to program to be in security (although it can tremendously helpful). Again, this somewhat depends on what type of security you're looking towards. If you don't know it already, I would suggest starting with something easy like (X)HTML. At least knowing that, you'll be able to understand what's going on with websites. From there, you could either go further into web, such as PHP or ASP which will give you a better understanding of how dynamic sites communicate and work with a backend database, or you could go into C which will allow you to understand most exploit code and also allow you to write your own (as many exploits are written in C). C will also give you a good base for going to other programming languages.

3) I'm not sure if we have anything like what you're looking for in a tutorial form. I'm not sure you'll really find that anywhere. What I would suggest is checking out a couple of books.. Counter Hack Reloaded, Gray Hat Hackers Handbook, and the CEH Review Guide by Michael Gregg. Each of those provides clear samples/examples of tool usage. The Hacking Exposed books are normally good references also. In addition, this entire community can provide a lot of support on specific questions you have, and most of the time will provide you with an answer. All you have to do is ask

I hope that helps answer your questions at least a little bit, and I'm sure others will reply soon too.

Best of luck to you

Last edited by venom77 on Fri Aug 17, 2007 10:59 pm, edited 1 time in total.

Welcome to our growing community. There are plenty of resources on the site for the beginner. I'll try my hand at recommending what will work for you and answering your questions:

1. Any Linux distro has the same core, so, for a beginner, it's more important to get your feet wet with any distro than to stick with Windows only. After you get comfortable, then you can branch out and find the distro that works for you. As for a great distro with hacking tools, try BackTrack.

2. Go to the /root section and read the intro to programming articles by Craig Heffner. You won't be sorry. As for what language to start with, try these threads:

I think if you utilize these resources, you'll find more along the way. Also, don't be shy. Ask as many simple questions as possible. You'll find that this community is unlike any other in acceptance of newbies. We all started aomewhere, and we're all willing to help. Plus, the more you ask in a public forum, the more others after you will learn and advance their careers as well. That's why we're here.

BillV wrote:Congrats on graduating in network management, sounds like you're off to a very good start! Can I ask what sort of studies were included in your network management courses?

Well we've seen quite a lot, but not that in depth. We've made our first steps into Linux with Ubuntu, later with SUSE 10. Our teacher wasn't any good himself, so it came down to self study, just to be bollocked by that teacher. This took away a lot of our courage to continue with Linux. But I'm sure this can't be a problem What we've seen in linux was DNS, mySQL, apache, vmware, ipcop, but because of the teacher we didn't see it decently. So I know what they do, and I remember some of it, but I wouldn't be able to set it up without a guide or so (which I will look up later).

On Windows platform we had an excellent teacher who taught us a lot, more than he had to. We've seen W2003 server, its functions & some applications (ISA, exchange), how to let them communicate with other computers, VPN, ...

Other than that, we've seen very basic stuff such as making network cables (not impressing but hey, it needs to be done ), (manual) subnetting, network architectures, ...

In order to succeed, we had to make a project of our own choice, ofcourse it had to be related to networking. I did mine around DMZ's and devices in DMZ's (IDS, honeypots, ..).

Hope this answered your question.

Thank you to all the rest for the useful links, I will read the articles from Craig Heffner as soon as possible.Learn Security Online has been added to my favourites, together with EH-Net.

Something that will make it easier for me to see the bigger picture might be making a list of things to read and to do. I'll get into that today & tomorrow.

About vmware, the cpu power isn't any problem, harddisk space will be.Question is, do ubuntu and backtrack support dualcore cpu's trough vmware?If not, I'll set up a pc with a singlecore cpu.

Now, on to the planning!

Last edited by bkevin on Sat Aug 18, 2007 7:21 am, edited 1 time in total.

About vmware, the cpu power isn't any problem, harddisk space will be.Question is, do ubuntu and backtrack support dualcore cpu's trough vmware?If not, I'll set up a pc with a singlecore cpu.

Good question. I'm not too sure. I just recently got my main computer back in working order and haven't gotten around to re-installing any Linux OS'es yet. I would imagine that you'd still be able to run them on a computer with a dual core whether they support it or not.

Adding to what Bill and Don stated here, I suggest you to get into the core of TCP/IP and its associated protocol suite. Also under the programming list, you can add Perl which will always give you an upper hand.

Most distributions of Linux ship with kernels that have Symmetric Multi-Processing (SMP) support built in. The following command will tell you how many CPUs your kernel is recognizing, both physical and virtual.

Code:

cat /proc/cpuinfo | grep '^processor' | wc -l

If it is not displaying your dual core, you can compile and install your own kernel with SMP support enabled. Google for kernel compilation documents. This is a good link:

Thanks for the guide Manu Zacharia.Now I downloaded the latest version of Backtrack, tried to install it with VMWare server. After hassling with the resolution (which was in 640x...), I finally managed to let it install. I followed this guide: http://www.offensive-security.com/docum ... nstall.pdfWhen it finished installing, i rebooted the virtual machine and put boot from HDD as first in the BIOS. After saving & exit, I couldn't wait to start exploring backtrack. Problem is: Backtrack won't boot at all, not from the harddisk that is.I couldn't find any solutions trough google, so here I am, asking for advice Thanks in advance

We're testing the final version of EH-Net's version of BackTrack 2. Our version not only has Metasploit 3 and some other enhancements not found in the current version of BT2, but it is also a stand-alone VMware Virtual Appliance. This means that you can download VMware Player, point it to our version and your running BT!!

This is a fully sanctioned version from Offensive Security put together by Mati himself.

bkevin wrote:Thanks for the guide Manu Zacharia.Now I downloaded the latest version of Backtrack, tried to install it with VMWare server. After hassling with the resolution (which was in 640x...), I finally managed to let it install. I followed this guide: http://www.offensive-security.com/docum ... nstall.pdfWhen it finished installing, i rebooted the virtual machine and put boot from HDD as first in the BIOS. After saving & exit, I couldn't wait to start exploring backtrack. Problem is: Backtrack won't boot at all, not from the harddisk that is.I couldn't find any solutions trough google, so here I am, asking for advice Thanks in advance

Kevin,

The guide is inaccurate due to the installer program not working correctly (last I checked anyway). If you want to install it to a HD, or a virtual HD, follow my notes below. The notes are for a dual-boot configuration, so adjust accordingly if installing to a single HD (no need to partition). When copying the directories, it will take some time so be patient.

Or, you could just wait until the EH-Net version is released as it sounds like it'll be a bit easier

I followed your guide as much as possible. In some scenario's it was impossible to do so though.qtparted didn't do as you described, so I removed the partitions with fdisk, since new ones are made afterwards. Creating the new ones didn't give any problems so it should be ok.Copying, mounting and chroot worked fine, but then:when I tried lilo -v, it gave me this:

I tried googling it but got back without any result.Maybe I should wait for the EH-Net version of Backtrack. But then again, I will face problems in the future as well that won't be able to evade...Dilemma

Now I was thinking... is it ok to ask all these questions in an introduction thread?